Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: Fear This!

  1. #1
    Join Date
    Mar 2003
    This is a long read but it is interesting. At least check out the red sections.

    Marcus Sachs
    Marcus Sachs was the Director of Communications Infrastructure Protection in the
    White House under Richard Clarke and a staff member of the President's Critical
    Infrastructure Protection Board. Marc played a key role as the lead government technical
    person responding to several major attacks and vulnerabilities from Code Red to sendmail
    to Blaster. He recently returned to SANS where he will translate the lessons he learned in
    the Army, the White House, and the Department of Homeland Security, into improvements
    and expansions of SANS courses. At CDI, Marc will help present the 2003 SANS/FBI Top
    20 Internet Security Vulnerabilities.
    A couple of months ago, Marc was visiting Australia when The Australian's journalists
    caught up with him and asked about implementation of the US National Strategy to Secure
    Cyberspace. Here are excerpts from that interview.

    You say the Internet was created on open
    protocols to connect universities and govern-
    ments, but it was not designed to protect infor-
    mation from malicious users. Today the Internet
    connects everybody everywhere - how do we
    begin to get international agreement over
    securing such a structure?
    I don't think any of us, in the history of
    humankind, have ever seen anything like this,
    other than perhaps the law of the sea where we
    agreed aeons ago to an international law for
    merchant shipping and such.
    I don't know of any other phenomenon, or
    technology, or cultural change as big as this,
    and we've only created it in the past 10 years.
    Look how far we've come in less than half a
    It is a huge challenge, but we built the
    Internet, so we ought to be able to defend it.
    How will the Department of Homeland Security
    and other US agencies address the problem,
    given the enormous diversity of people linked to
    the network?
    We are conscious there are other people out
    there - that the US doesn't own the Internet. We
    have a big problem at home, of course, with
    homeland security, so that has to be our
    number-one focus.
    But we can never forget that it's a global
    network and a global culture.
    So, at the same time we're pushing the
    domestic agenda, we push the international
    agenda - but not on the world stage. We push
    the international agenda at home, so that others
    recognize this is not just a US issue; this also
    affects Mexico and Canada because they're
    directly connected to us, and then people on
    other continents that are connected to us by
    undersea cables or satellites.
    We also host thousands of servers that
    belong to other nations - entire countries have
    their online presence electrically in the US.
    So we are stewards, essentially, of those
    countries' presence in cyberspace, their
    commerce -- they depend on us.
    US authorities haven't even been able to curb all
    the spam that originates in the US.
    Yes, and the spam that comes from small
    Pacific islands or Caribbean islands or African
    Most of it comes from the States.
    Unfortunately, a lot of it now has moved
    offshore into smaller countries with high-speed
    connections. It may say and may say it's
    registered in the US, but electrically it sits
    someplace else -- again, they are also trying to
    get out of Europe.
    So even spammers are trying to go for a low-
    cost, offshore option.
    That's exactly right. It's no different from
    banks or gamblers who go outside territorial
    So where do we start if we are going to make
    the Internet more secure?
    Initially we're pushing for accountability.
    Many people want to be anonymous on the
    Internet as individuals, and that's fine. There's
    nothing wrong with that - you can maintain
    your anonymity.

    But your computer -- the actual device
    connected to the network -- needs to be
    accountable. We need to know where that
    address is, so that if a piece of silicon and
    copper starts misbehaving we can mark it as
    unsafe and quickly take it off the network.

    As a human being, you can still be
    anonymous. It's just the electrons -- the piece
    of hardware -- that we need to identify.
    That's where there's a new protocol coming,
    called IPv6, that will enable us to positively
    identify all the machines that are out there.

    That would open up a brand-new world of
    Yes, it does. If you can uniquely identify
    every device on the network, you can start doing
    many new things.
    There's a remarkable experiment going on
    in Japan, for example, where they have
    connected little sensors to the windshield wipers
    on taxi cabs and set up a wireless network
    throughout Tokyo. They know that wherever
    the wipers are running, it's raining. That
    provides a far more accurate rain map than any
    radar system could provide.
    You can't do that with existing networks, but
    you can with IPv6. Now, if a set of wipers started
    misbehaving, I could take it off the network - to
    save the network -- because I can account for
    that device.

    That would include every PDA or mobile phone?
    Everything. Everything will be uniquely
    addressed -- your refrigerator, your microwave
    oven, your wristwatch, anything that can be
    connected to the network.

    So by having an accountable network, we
    can then start realizing some of the security we
    want, because we know where every little piece is.
    Again, that's separate from the humans that
    are on the network, where we want to maintain
    some privacy.
    You've flagged a need for new routing and
    naming mechanisms to deliver truly dependable
    network services.
    Routing protocols today are already
    reaching their limits. They were not designed
    for a network as big as the Internet; they were
    designed for smaller networks. If we go to even
    larger networks, we need to have new types of
    routing protocols, and we need new naming
    protocols -- ones that are much more adaptive
    to rapidly changing networks.
    I'm looking at the networks of the future
    because, remember, we're only 10 years into the
    web -- what the general public understands as
    the Internet.
    There were 20 years of development before
    that, of course, that most people aren't aware of,
    but we're still only talking 30 years. We're
    building networks that may last for the next 1000
    years or more.
    Now, are we going to do that with today's
    protocols, and who is going to come up with
    new ones?
    For example, do we want spam e-mail to go
    away? Probably. When we come back 100 years
    from now, do we think spam will still be a
    problem? At some point, hopefully, we will have
    taken care of spam. But when is that point - is it
    next year, is it 10 years from now?
    We're arguing that this generation -- us --
    we're the ones who are responsible for building
    the networks that everybody else will have to
    live with, pretty much forever. It's much like the
    Romans building their roads in Europe.
    In every country, the width of today's roads is
    largely based on the original Roman roads, and
    the original Roman war chariots. Those
    standards are still around.
    Assuming we don't blow the planet up,
    standards being established today may still be in
    communications and information networks in
    1000 or 2000 years from now.


    You also talk about trusted software, and
    resilient services that don't fail.
    Trusted or trustworthy software refers to
    software that actually does what it is supposed to
    do. If I have graphics software like PowerPoint,
    all it really does is graphics - it has nothing else
    built into it.
    A classic example years ago was Microsoft's
    Excel spreadsheet. One version had a flight
    simulator built into it - you went to a certain
    cell, pushed keys in the right order, the screen
    would change and you would get flight

    That's not trustworthy software, because I
    paid for a spreadsheet. I didn't pay for a flight
    simulator. How do we know what else is in
    commercially available software? We need to
    have software engineers and companies thinking
    in terms of writing code that only does what it's
    supposed to do, and not adding things that
    people may not know about.
    Well, maybe that's something for legislators to
    No, why does that need a legal response?
    It's a question of ethics, a cultural change that
    says software writers need to create software that
    does what it is supposed to do, versus software
    that has unknown built-in features.
    But surely there's a commercial impetus for a
    company such as Microsoft to cultivate its
    interests in various ways, including extra
    Part of this is also about consumer
    awareness, in the sense that you have a choice
    in what you buy. Microsoft is very dominant,
    but you don't have to buy its products - there's
    competition out there.
    We recently saw an example of consumer power
    in relation to the planned introduction of radio
    frequency ID tags. There was a huge backlash
    over the potential for monitoring.
    Sure, if a store wants to tag a box of corn
    chips that's okay -- until I buy it. When I've
    paid, the tag needs to be erased. Nobody needs
    to know that bag of corn chips is in my car and
    where I go when I leave the store.
    What about when a smartchip is embedded in
    The technology makes it possible to embed
    a smart chip, which the maker can use to track
    the garment from the warehouse to the store.
    But if the tag is not turned off when you walk
    out of the store, it can be used to track you. So
    the tag needs to be killed at the point of
    You think consumer pressure will achieve that?
    Absolutely. Consumers have a lot of control
    if they work together.
    Are you talking about measures like encryption,
    public key infrastructure?
    People have been trying to figure out how to
    set up cryptographic exchanges so information
    can be transferred in a secure manner -- as an
    encrypted message that only you can open. But
    how do we exchange the keys? How do I give
    you the key to unlock the file I'm going to send
    without somebody in between intercepting
    that key?
    This is a huge challenge, and there are a lot
    of solutions out there but none of them really
    scale to the entire Internet.
    That's the challenge.
    How do we get something that scales to the
    entire planet and, ultimately, into the solar
    system? Well, there's no stopping it, right? We
    can just keep going and going.

  2. Software & Hardware   -   #2
    ZaZu's Avatar I know stuff ...
    Join Date
    Sep 2003
    Q. How can I tell if the IPv6 Protocol for Windows XP (prior to SP1) is installed? It does not appear in the list of protocols in Network Connections.

    A. The installation of the IPv6 Protocol for Windows XP (prior to SP1) does not use the standard procedure for protocol installation in the Network Connections folder. Because of this, it is not visible as an installed protocol. To determine whether IPv6 is installed, type ipv6 at the command prompt; if IPv6 is installed, you will see a display of your IPv6 interfaces and their configuration. Otherwise, the ipv6 command will specify that IPv6 is not installed.


    If you attack the establishment long enough and hard enough, they will make you a member of it.
    -- Art Buchwald --

  3. Software & Hardware   -   #3
    MediaSlayer's Avatar slowly going deaf
    Join Date
    May 2003
    ur anus
    Oh FUCK how do u uninstall this shit?

    sending fiery missiles in manker's japan's general direction.

  4. Software & Hardware   -   #4
    Join Date
    Mar 2003
    Its good its mad mate.

    To be honest thou mate i can't see the net progressing much further 'technology wise' myself.Their just scared of the fact that they havnt got absoulute control of everyboby on the planet,not knowing where every possible threat could be.With the possibility of the net being used as a tool to obtain hidden info they may have stowed away as data or some user taking control over one of their systems.

    just pushin' "it needs to be done to benifit you".If they know where every device is,it need to be turned on/off mantained or at least,lecy paid.But it wont be an issue with alot of ppl just another good addition for for a good happy society.

  5. Software & Hardware   -   #5
    MediaSlayer's Avatar slowly going deaf
    Join Date
    May 2003
    ur anus
    and what does sp1 matter if its installed?

    sending fiery missiles in manker's japan's general direction.

  6. Software & Hardware   -   #6
    Join Date
    Mar 2003
    Thanks for that info and link.

    This might also be of interest to anyone sharing files from XP

    Q. How do I uninstall the IPv6 Protocol for Windows XP?

    A. To remove the IPv6 Protocol for Windows XP:

      1. Log on to the Windows XP computer with a user account that has local administrator privileges.
      2. Open a command prompt. From the Windows XP desktop, click Start, point to Programs, point to Accessories, and then click Command Prompt.
      3. At the command prompt, type:

    ipv6 uninstall

  7. Software & Hardware   -   #7
    That would open up a brand-new world of
    Yes, it does. If you can uniquely identify
    every device on the network, you can start doing
    many new things
    Yes, after having that in my pc i can do many things , like fucking my self.

  8. Software & Hardware   -   #8
    Join Date
    Aug 2003
    C:\Documents and Settings\USER NAME>IPv6
    usage: ipv6 [-p] [-v] if [ifindex]
    ipv6 [-p] ifcr v6v4 v4src v4dst [nd] [pmld]
    ipv6 [-p] ifcr 6over4 v4src
    ipv6 [-p] ifc ifindex [forwards] [-forwards] [advertises] [
    mtu #bytes] [site site-identifier] [preference P]
    ipv6 rlu ifindex v4dst
    ipv6 [-p] ifd ifindex
    ipv6 [-p] adu ifindex/address [life validlifetime[/preflife
    t] [unicast]
    ipv6 nc [ifindex [address]]
    ipv6 ncf [ifindex [address]]
    ipv6 rc [ifindex address]
    ipv6 rcf [ifindex [address]]
    ipv6 bc
    ipv6 [-p] [-v] rt
    ipv6 [-p] rtu prefix ifindex[/address] [life valid[/pref]]
    [publish] [age] [spl SitePrefixLength]
    ipv6 spt
    ipv6 spu prefix ifindex [life L]
    ipv6 [-p] gp
    ipv6 [-p] gpu [parameter value] ... (try -?)
    ipv6 renew [ifindex]
    ipv6 [-p] ppt
    ipv6 [-p] ppu prefix precedence P srclabel SL [dstlabel DL]
    ipv6 [-p] ppd prefix
    ipv6 [-p] reset
    ipv6 install
    ipv6 uninstall


  9. Software & Hardware   -   #9
    Beautiful screenshots of my pc.

  10. Software & Hardware   -   #10
    Join Date
    Aug 2003
    Originally posted by sharedholder@21 November 2003 - 21:43
    Beautiful screenshots of my pc.

    how is that suposed to help me.

    also i changed the visual settings on my pc with tweak xp and some folders dont have the xp look. like control panel is plain white instead of blue with the icons. search is not like yours eaither. any1 know the default settings??

Page 1 of 3 123 LastLast


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts